• DocumentCode
    2593688
  • Title

    Multicast-specific security threats and counter-measures

  • Author

    Ballardie, Tony ; Crowcroft, Jon

  • Author_Institution
    Dept. of Comput. Sci., Univ. Coll. London, UK
  • fYear
    1995
  • fDate
    16-17 Feb 1995
  • Firstpage
    2
  • Lastpage
    16
  • Abstract
    Security issues in multicast communication have rarely been touched upon to date. We believe that wide-area multicast communication is at a substantially increased risk from specific security threats, compared with the same threats in unicast. This arises both from the lack of any form of effective group access control, and from the fact that multicast traffic traverses potentially many more communication links than does a single unicast communication, thereby creating more opportunity for a link attack. We discuss specific threats that are relevant to multicast, and explain why they are so. We propose security mechanisms specifically for multicast groups requiring safeguards that afford protection against some of these threats. More precisely, we propose a version of the IGMP protocol that can reliably enforce subnet-level group access control. We also describe a scalable mechanism to control multicast traffic in transit that can, for example, prevent a misbehaving source from causing undue congestion over the wide-area
  • Keywords
    access protocols; authorisation; internetworking; local area networks; telecommunication channels; telecommunication links; wide area networks; IGMP protocol; communication links; congestion; effective group access control; link attack; misbehaving source; multicast traffic; multicast traffic control; multicast-specific security threats; protection; safeguards; scalable mechanism; security threat counter-measures; subnet-level group access control; wide-area multicast communication; Access control; Access protocols; Communication system traffic control; Computer science; Computer security; Cryptography; Educational institutions; Internet; Multicast communication; Unicast;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and Distributed System Security, 1995., Proceedings of the Symposium on
  • Conference_Location
    San Diego, CA
  • Print_ISBN
    0-8186-7027-4
  • Type

    conf

  • DOI
    10.1109/NDSS.1995.390649
  • Filename
    390649